To add a source, navigate to the Connections page and click the BigQuery button.
There are two ways of providing access to your BigQuery instance:
- Provide us with a service account that you manage in your Google Cloud account. This account should be provisioned with the following read-only roles:
You'll need to provide us with the service account's email, JSON-formatted key, and the location of your BigQuery instance. You'll also need to provide a nickname (e.g., BigQuery Prod); a Metaplane-specific display name.
- Grant permissions to a Metaplane-provided service account. In this case, we'll create a service account for you within our Google Cloud account. Initially, this new service account won't have access your BigQuery instance so you'll have to grant it the appropriate roles.
When selecting this option you'll get prompted for a nickname (e.g. BigQuery Prod), your
Regardless of the option you choose, providing your own service account or using one of ours, the service account will need the appropriate read-only roles:
bigquery.dataViewer (read data and metadata from dataset's tables),
bigquery.jobUser (run queries), and
bigquery.readSessionUser create and use read sessions).
The easiest way to grant these roles is through the Google Cloud Shell.
The commands are in the following format, replaced with your
project_id and a
service_account. You can copy, paste, and execute all three commands at once.
gcloud projects add-iam-policy-binding [[project_id]] \ --member [[service_account]] \ --role roles/bigquery.dataViewer gcloud projects add-iam-policy-binding [[project_id]] \ --member [[service_account]] \ --role roles/bigquery.jobUser gcloud projects add-iam-policy-binding [[project_id]] \ --member [[service_account]] \ --role roles/bigquery.readSessionUser
Metaplane will always connect to your data warehouse from these static IP addresses:
Updated 4 months ago